USN-3511-1

Details

Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16939)

It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service (application crashes) or possibly gain administrative privileges. (CVE-2017-1000405)

Affected Packages

Ubuntu:16.04:LTSlinux-azure

Fixed in:

4.11.0-1016.16

References

REPORThttps://ubuntu.com/security/CVE-2017-1000405 REPORThttps://ubuntu.com/security/CVE-2017-16939 ADVISORYhttps://ubuntu.com/security/notices/USN-3511-1

USN-3511-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline